package com.de.config;

import com.de.Realm.LoginRealm;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;

import javax.servlet.Filter;
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @Description shiro配置
 * @Date 2020/2/26
 * @Author de
 * @Version
 **/
@Configuration
public class ShiroConfig {


    /**
     * @Description 配置加密规则
     * @Param
     * @Date 2020/2/26
     * @return
     * @Author
     **/
    @Bean
    public CredentialsMatcher HashedCredentialsMatcher(){
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        matcher.setHashAlgorithmName("md5");
        matcher.setHashIterations(1000);
        return matcher;
    }

    /**
     * @Description
     * @Param 配置自己的realm
     * @Date 2020/2/26
     * @return org.apache.shiro.realm.Realm
     * @Author
     **/

    @Bean
    public Realm realm(){
        LoginRealm realm = new LoginRealm();
        realm.setCredentialsMatcher(HashedCredentialsMatcher());
        return realm;
    }


    /**
     * @Description DefaultWebSecurityManager
     * @Param
     * @Date 2020/2/26
     * @return
     * @Author
     **/
    public SecurityManager securityManager() {
        DefaultSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(realm());
        return securityManager;
    }


    /**
     * @Description 配置 ShiroFilter工厂
     * @Param
     * @Date 2020/2/26
     * @return
     * @Author
     **/
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean() {
        ShiroFilterFactoryBean shiroFilterFactory = new ShiroFilterFactoryBean();
        shiroFilterFactory.setSecurityManager(securityManager());
        shiroFilterFactory.setLoginUrl("/tologin");
        shiroFilterFactory.setSuccessUrl("/hello");
        //登出

        //此处使用有顺序的map，设置拦截认证
        Map<String, String> filterChainDefinitionMap = new LinkedHashMap();
        filterChainDefinitionMap.put("/login","anon");
        filterChainDefinitionMap.put("/logout","logout");
//        FilterChainDefinitionMap.put("/login.html","anon");

//        设置授权拦截
        filterChainDefinitionMap.put("/*", "anon");
        filterChainDefinitionMap.put("/authc/index", "authc");
        filterChainDefinitionMap.put("/authc/admin", "roles[admin]");
        filterChainDefinitionMap.put("/authc/admin", "roles[自定义字符串]");
        filterChainDefinitionMap.put("/authc/renewable", "perms[Create,Update]");
        filterChainDefinitionMap.put("/authc/removable", "perms[Delete]");
        filterChainDefinitionMap.put("/authc/removable", "perms[自定义字符串]");
//         这个需要写到最后，不然上面的不生效
        filterChainDefinitionMap.put("/**","authc");


        //设置过滤器链
        Map<String, Filter> filterMap = new LinkedHashMap<>();
        shiroFilterFactory.setFilters(filterMap);
        shiroFilterFactory.setFilterChainDefinitionMap(filterChainDefinitionMap);

//        shiroFilterFactory.setUnauthorizedUrl("/login.html");
        return shiroFilterFactory;
    }


    @Bean("lifecycleBeanPostProcessor")
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }


    @Bean
    @DependsOn({"lifecycleBeanPostProcessor"})
    public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        advisorAutoProxyCreator.setProxyTargetClass(true);
        return advisorAutoProxyCreator;
    }

}
